2.0 Version control

Issued – updated document design in line with new marketing guidelines.

1.1

22/11/2016

Legal team review and approval.

1.2

08/12/2016

Review and approval from the Global General Counsel, CIO and Head of Global Communications.
Updated contact details.

The official version of this document is maintained on-line in SharePoint. Before referring to any printed copies please ensure that they are up-to-date. Once printed, this document is considered an uncontrolled version.

3.0 Introduction

Cunningham Lindsey is committed to protecting the privacy of Personal Data we collect and process in conducting our business. “Personal Data” is information that identifies to you or other individuals (such as your dependants). This Privacy Policy describes how we will handle Personal Data that we collect through:

Our websites (the “Site”)

Software applications made available through computers and mobile devices (the “Apps”)

Claims management process:

Claim forms, telephone calls, e-mails and other communications with us, as well as from claim investigators, medical professionals, witnesses or other third parties involved in our business dealings with you

Collectively referred to as the “Services”.

We collect and process your Personal Data in accordance with this Privacy Policy which also includes details about our use of website cookies.

3.1 Who to contact about your Personal Data

If you have any questions about our use of your Personal Data you can e-mail: privacy@clglobal.com or write to:

Identification numbers issued by government bodies or agencies – Social Security or national insurance number, passport number, tax identification number, military identification number, or driver’s or other license number

Financial information and account details

Bank account number and account details, credit history and credit score

Medical condition and health status

In certain cases we may receive information about your current or former physical or mental or medical condition, health status, injury or disability information, medical procedures performed, personal habits (for example, smoking or consumption of alcohol), prescription information and medical history.

Other sensitive information

In certain cases we may receive sensitive information about your trade union membership, religious beliefs, political opinions, family medical history or genetic information (for example, if you apply for insurance through a third-party marketing partner that is a trade, religious or political organisation). In addition, we may obtain information about your criminal record or civil litigation history in the process of preventing, detecting and investigating fraud.

We may also obtain sensitive information if you voluntarily provide it to us (for example, if you express preferences regarding medical treatment based on your religious beliefs).

Telephone recordings

Recordings of telephone calls to our staff and offices.

Information to investigate crime, including fraud and money laundering: For example, insurers commonly share information about their previous dealings with policyholders and claimants for this purpose.

Prior accident or loss history, your status as director or partner or other ownership or management interest in an organisation and other insurance you hold.

Marketing preferences and customer feedback

You may let us know how you want to be contacted

4.1 How we use your Personal Data

We use this Personal Data to:

Communicate with you and other interested parties to manage your claim.

Send you important information regarding your claim and other administrative information.

Make decisions about claim assessment, processing and settlement.

Where applicable manage claim disputes.

Provide improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers).

Prevent, detect and investigate crime, including fraud and money laundering, and analyse and manage other commercial risks.

Carry out market research and analysis, including satisfaction surveys.

Manage our business operations to comply with internal policies and procedures, including those relating to auditing finance, accounting and billing, IT systems, data and website hosting, business continuity, document and print management.

Resolve complaints, and handle requests for data access or correction.

Comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and comply with legal process and respond to requests from public and government authorities (including those outside your country of residence).

Establish and defend legal rights, protect our business operations (including our group companies), our rights, privacy, safety of employees and property, you or others related to the claim and pursue available remedies to limit our damages.

4.2 International Transfer of Personal Data

Due to the global nature of our business, for the purposes set out above we may transfer Personal Data to parties located in other countries (including the United States and other countries that have a different data protection regime than is found in the country where you are based). For example, we may transfer Personal Data in order to process international travel insurance claims and provide emergency medical assistance services when you are abroad. We may transfer information internationally to our group companies, service providers, business partners and governmental or public authorities.

4.3 Sharing of Personal Data

Cunningham Lindsey may make Personal Data available to the following parties for the purposes of claim assessment or as required by law:

Our group companies

Other insurance and distribution parties

In the course of processing claims, we may make Personal Data available to third parties such as reinsurance brokers, appointed representatives, distributors, financial institutions, securities firms and other business partners

Our service providers

External third-party service providers, such as medical professionals, accountants, actuaries, auditors, experts, lawyers and other outside professional advisors; travel and medical assistance providers

IT systems, support and hosting service providers, document and records management providers and outsourced service providers that assist us in carrying out business activities.

We may share Personal Data with government or other public authorities (including, but not limited to, workers’ compensation boards, courts, law enforcement, tax authorities and criminal investigations agencies); and third-party civil legal process participants and their accountants, auditors, lawyers and other advisors and representatives as we believe to be necessary or appropriate:

to comply with applicable law and regulations, including those outside your country of residence

to comply with legal process

to respond to requests from public and government authorities including public and government authorities outside your country of residence

to protect our operations or those of any of our group companies

to protect our rights, privacy, safety or property, and/or that of our group companies, you or others

to allow us to pursue available remedies or limit our damages.

Other Third Parties

We may share Personal Data with emergency providers (fire, police and medical emergency services); retailers; medical organisations and providers; travel carriers; credit bureaus; credit reporting agencies; and other people involved in an incident that is the subject of a claim; as well as purchasers and prospective purchasers or other parties in any actual or proposed reorganisation, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business. To check information provided, and to detect and prevent fraudulent claims, Personal Data (including details of injuries) may be put on registers of claims and shared with other insurers. We may search these registers when dealing with claims to detect, prevent and investigate fraud.

We may also anonymise, aggregate or combine any of the information we collect to analyse trends and provide statistical data to assist with forward planning of business operations

5.0 Security of Personal Data

We will take all appropriate reasonable technical, legal and organisational measures, which are consistent with applicable privacy and data security laws to safeguard your Personal Data. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any Personal Data you might have with us has been compromised), please immediately notify us.

Where we provide Personal Data to a service provider, the service provider will be selected carefully and required to use appropriate measures to protect the confidentiality and security of your Personal Data.

5.1 Accuracy of Data

We take all reasonable steps to ensure that Personal Data we process remains accurate and complete as is necessary for the performance of our services to you and in line with the controls detailed in this Privacy Policy.

5.2 Retention of Personal Data

We will retain Personal Data for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

5.3 Personal Data of other Individuals

If you provide Personal Data to us regarding other individuals, you agree:

to inform the individual about the content of this Privacy Policy

to obtain any legally-required consent for the collection, use, disclosure, and transfer (including cross-border transfer) of Personal Data about the individual in accordance with this Privacy Policy.

We do not seek or knowingly collect any Personal Data from children under the age of 13 and we request that children do not provide us with any personal information through the Site or the Apps.

5.4 Access and Correction Requests, Questions or Concerns

In certain countries, an individual may have the right to access, correct or object to the use of, or request deletion or suppression of Personal Data on certain grounds. Please contact us as set out in the “Who to Contact About Your Personal Data” section above with any such requests or if you have any questions or concerns about how we process Personal Data. Please note that some Personal Data may be exempt from access, correction, objection, deletion or suppression rights in accordance with local privacy and data protection laws.

5.5 Other Information We Collect

“Other Information” is information that does not reveal your specific identity, such as:

App usage data

Information collected through cookies, tags and other technologies

We and our third party service providers may collect “Other Information” in a variety of ways, including:

Through your use of the App: When you download and use the App, we and our service providers may collect App usage data, such as the date and time the App on your electronic device accesses our servers and what information and files have been downloaded to the App based on your device number.

Using cookies: Cookies are pieces of information stored directly on the computer you are using. We use the following cookies:

Cookie Name

Google Analytics _gat, _ga

These 2 cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

5.6 Third Party Services

This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our group companies. Before providing any Personal Data to any such linked website, please make sure to review that website’s privacy policy carefully to understand how it deals with your Personal Data.

6.0 Consent to Use Personal Data

By using the Services or providing us with your Personal Data you consent to its processing as outlined in this Privacy Policy. If you do not consent, please do not use the Services or provide us with your Personal Data by any other means. If necessary, please contact us as set out in the “Who to Contact About Your Personal Data” section above for further information.

7.0 Changes to this Privacy Policy

We review this Privacy Policy regularly and reserve the right to make changes at any time to take account of changes in our business and legal requirements. We will place updates on our website.https://www.cunninghamlindsey.com